• Journal of Multimedia Information System
• /
• v.7 no.3
• /
• pp.215-220
• /
• 2020

Many state agencies and companies collect personal data for the purpose of providing public services and marketing activities and use it for the benefit and results of the organization. In order to prevent the spread of COVID-19 recently, personal data is being collected to understand the movements of individuals. However, due to the lack of technical and administrative measures and internal controls on collected personal information, errors and leakage of personal data have become a major social issue, and the government is aware of the importance of personal data and is promoting the protection of personal information. However, theory-based training and document-based intrusion prevention training are not effective in improving the capabilities of the privacy officer. This study analyzes the processing steps and types of accidents of personal data managed by the organization and describes measures against personal data leakage and misuse in advance. In particular, using Capture the Flag (CTF) scenarios, an evaluation platform design is proposed to respond to personal data breaches. This design was proposed as a troubleshooting method to apply ISMS-P and ISO29151 indicators to reflect the factors and solutions to personal data operational defects and to make objective measurements.

• Journal of Korean Society of Archives and Records Management
• /
• v.19 no.2
• /
• pp.147-172
• /
• 2019

With the provision of the original text information disclosure service, the time spent on determining the disclosure of the original text information decreased, and the number of original text information disclosure significantly increased. In public institutions, the risk of the exposure of personal information also increased. In this study, the status of personal information protection in the original text information disclosure service was investigated. Moreover, the causes of the exposure of personal information were analyzed, and improvements were proposed. The survey presented the following results. First, 13% of the original text information collected contains personal information, which is the nondisclosure information. Second, among the original text information that includes personal information, the original text information, including the personal information of the public official, was the most important. In particular, many records about vacation and medical leaves were found. Third, there were many cases in which information about the individual of the representative was exposed in the agency that deals mainly with the contract work. Fourth, a large volume of personal information was not detected by filtering personal information. Upon analyzing the cause of the exposure of personal information, the following improvements are suggested. First, privacy guidelines should be redesigned. Second, the person in charge of the task of deciding whether or not to disclose original text information should be trained further. Third, the excessive disclosure of information based on the government's quantitative performance should be eased. Fourth, the filtering function of the personal information of the original text information disclosure system should be improved.

• Journal of Legislation Research
• /
• no.53
• /
• pp.177-211
• /
• 2017

In the course of the emergence and development of new ICT technologies and services such as Big Data, Internet of Things and Artificial Intelligence, the future will change by these new innovations in the Fourth Industrial Revolution. The future of this fourth industrial revolution will change and our future will be data-based society or economy. Since there is personal information at the center of it, the development of the economy through the utilization of personal information will depend on how to make the personal information protection laws. In Korea, which is trying to lead the 4th industrial revolution, it is a legal interest that can not give up the use of personal information, and also it is an important legal benefit that can not give up the personal interests of individuals who want to protect from personal information. Therefore, it is necessary to change the law on personal information protection in a rational way to harmonize the two. In this regard, this article discusses the problems of duplication and incompatibility of the personal information protection law, the scope of application of the personal information protection law and the uncertainty of the judgment standard, the lack of flexibility responding to the demand for the use of reasonable personal information, And there is a problem of reverse discrimination against domestic area compared to the regulated blind spot in foreign countries. In order to solve these problems and to improve the legislation of personal information protection in the era of the fourth industrial revolution, we proposed to consider both personal information protection and safe use by improving the purpose and regulation direction of the personal information protection law. The balance and harmony between the systematical maintenance of the personal information protection legislation and laws and regulations were also set as important directions. It is pointed out that the establishment of rational judgment criteria and the legislative review to clarify it are necessary for the constantly controversial personal information definition regulation and the method of allowing anonymization information as the intermediate domain. In addition to the legislative review for the legitimate and non-invasive use of personal information, there is a need to improve the collective consent system for collecting personal information to differentiate the subject and to improve the legislation to ensure the effectiveness of the regulation on the movement of personal information between countries. In addition to the issues discussed in this article, there may be a number of challenges, but overall, the protection and use of personal information should be harmonized while maintaining the direction indicated above.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.12
• /
• pp.101-108
• /
• 2017

The study proposed a system that filters the data that is entered when analyzing big data such as SNS and BLOG. Personal information includes impersonal personal information, but there is also personal information that distinguishes it from personal information, such as religious institution, personal feelings, thoughts, or beliefs. Define these personally identifiable information as sensitive information. In order to prevent this, Article 23 of the Privacy Act has clauses on the collection and utilization of the information. The proposed system structure is divided into two stages, including Big Data Processing Processes and Sensitive Information Filtering Processes, and Big Data processing is analyzed and applied in Big Data collection in four stages. Big Data Processing Processes include data collection and storage, vocabulary analysis and parsing and semantics. Sensitive Information Filtering Processes includes sensitive information questionnaires, establishing sensitive information DB, qualifying information, filtering sensitive information, and reliability analysis. As a result, the number of Big Data performed in the experiment was carried out at 84.13%, until 7553 of 8978 was produced to create the Ontology Generation. There is considerable significan ce to the point that Performing a sensitive information cut phase was carried out by 98%.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.1
• /
• pp.247-257
• /
• 2016

It is required to have Personal Information Agreement when a financial company uses personal information by the Law of Privacy. So, financial companies have to demand customers the submission of Personal Information Agreement. Thus, financial companies have made Personal Information Agreement in various formats for customers. However, financial companies are lack of a verification process, the cases of collecting invalid Agreement often occurred. This study focuses on the verification process of Personal Information Agreement and the contents of Personal Information Agreement. In conclusion, this study proposes an improved model that added to the process of verification for the concept of Agreement. Based on this study, I hope financial companies to reform their agreement process and to improve the effectiveness on the implementation of Personal Information Utilization Agreement.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1199-1206
• /
• 2013

SNS is relationship based service and its users are increasing rapidly because it can be used in variety forms as penetration rate of Smartphone increased. Accordingly personal information can be exposed easily and spread rapidly in SNS so self-control on information management, right to control open and distribution of own personal information is necessary. This research suggest way of measuring personal information leaking risk factor through personal information leaking possible territory's, based on property value and relationship of personal information in SNS, personal information exposure frequency and access rate. Suggested method expects to used in strengthening self-control on information management right by arousing attention of personal information exposure to SNS users.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.05a
• /
• pp.273-276
• /
• 2014

In 2014, the leakage of personal information from 3 credit card companies resulted in divulging approximately 10,000 customers' personal information. Although the credit card companies concluded that there was no secondary loss due to the leakage of personal information, secondary financial losses resulting from the leakage of personal information currently occur. In particular, hackers who employ smishing masquerade acquaintances by using the divulged personal information to ask payment for Ms. Kim's Sochi Olympics legal processing or exposed traffic violations. The hackers cause secondary financial losses through smartphones. This study aims to conduct a forensic analysis of smishing incidents in smartphones through the leakage of personal information, and to make a forensic analysis of financial losses due to the smishing incidents.

• Journal of Korea Spatial Information System Society
• /
• v.11 no.2
• /
• pp.54-62
• /
• 2009

This paper proposes a framework for personal location based services with personal life content, for example diaries, schedules and to-do lists. A lot of Internet users are recording their personal experiences and knowledge as text and other digital media on the network. Our proposed tool provides users with an environment to store personal records with related place attributes, and to retrieve these personal records at the right place. There are two applications on this tool, a place-enhanced blog and a LBS client on a mobile phone. The place enhanced blog provides users with blog interfaces for inputting place information. The place rem inder is a browser for spatial data on the place enhanced blog. Users can generate place information by writing personal records on their blog. Furthermore, using the LBS client, other users can retrieve personal records at the appropriate spots.

• The Journal of the Korea Contents Association
• /
• v.10 no.11
• /
• pp.262-274
• /
• 2010

In Welfare Center for the disabled, under the Government's information acceleration plan, the computer system has been developed starting from work standardization in 2001 but it has been emphasized only on the technical and customer convenience side leaving out preparation for the side effects of them. Therefore this article will seek the necessity of personal information protection, legal basis in the Welfare Center for the disabled. Additionally after analyzing current status for the personal security of Welfare Center for the disabled, establishing an alternative plan for personal security policy's way could be addressed. Increasing education for awareness stress of personal information security, and preparing institutional protection apparatus from applying life cycle of personal information would be an alternative plan for personal information protection for Welfare Center for the disabled. Also frequent monitoring of accessing personal information from the computerized system should be achieved. It is impossible to recover damage caused by leak of personal information although post actions are progressed. From this essay, awareness of personal information protection should be newly revised for both the Social Welfare Organization and the Disabled welfare center, and also technical, institutional strategy's action should be arranged.

• KIPS Transactions on Computer and Communication Systems
• /
• v.12 no.11
• /
• pp.329-336
• /
• 2023

This paper analyzes the Personal Information Protection Act and related legal guides revised in 2023, proposes a framework for a consignment contract through the items necessary in the consignment relationship for personal information work, and inspects the status of personal information protection for consignees that are absent in Korea. By proposing common items that must be included, we prevent the occurrence of personal information leakage incidents by strengthening the basic personal information protection capabilities of trustees handling personal information work and alleviating the burden of essential personal information protection inspections. I want to do it.